iEntry 10th Anniversary RSS Newsletter Advertising
Visit Twellow.com
Text: Decrease Font Size Increase Font Size | Print Print Article | Share: Delicious Digg StumbleUpon Post to Twitter Post to Facebook
CommentThursday, December 27, 2007

Google's Blogger Plagued By Storm Worm

Fast-flux servers key to threat
Hundreds of blogs on the Bloggers service have been found to contain links to servers that will infect visitors with the notorious Storm worm.

Stay away from links wishing you New Year's happiness on Blogger sites. There is a good chance these links go to a dangerous destination.

Security vendor Trend Micro reported seeing the explosion of Blogger pages containing these links. Researcher Paul Ferguson detailed this rapid rise:

However, in the past 24 hours, there seems to be hundreds of blogs which have appeared that now have singular links to a set of fast-flux servers that infects the user with the Storm Worm (a.k.a. NuWar — Trend Micro detects this as WORM_NUCRP.GEN). These “blogs” have nothing more than a reference to a “…Wishing You a Happy New Year…” or something similar, and a link to one of the server names which will infect the user with the Storm Worm.
Fast-flux provides obfuscation to the malicious servers harboring the worm. This makes it difficult to identify the machines dealing out the threat. The Honeynet Project said fast-flux involves a fully qualified domain name having hundreds or even thousands of round-robin IP addresses with very short Time To Live for each record.

People seeing New Year's links on Blogger pages similar to the ones in the Trend Micro screenshot should report them to Google. And don't click on them.

News Tags: Google, blogger, Storm Worm

Publish A Comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.
CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
8 + 3 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.
SEARCH
Popular WPN Business Resources












Subscribe to WebProNews


Send me relevant info